Privacy

It’s summertime (not really) and our thoughts naturally turn (again not really) to summer students, interns and other temporary employees. Some of these indentured servants, er, temporary workers, will return to their studies in the fall, some will wander off to other jobs and others may even become permanent employees. For those employers thinking of bringing on some short-term help, here are some things to keep in mind:

Regardless of a worker’s status, they have the same ability to expose you to liability as any long-standing employee. Make sure short-term workers are fully aware of their confidentiality and privacy obligations, and any other policies and procedures applicable to the workplace. Have them acknowledge consent in writing – if your workers are not working for ordinary remuneration, as in the case of volunteers or unpaid interns, you will have to be very careful about making sure that written agreements document the legal consideration that binds employees to their part of the contract; this is not something that should be done without legal review. Failure to do this right may leave you with an ambiguous agreement, or, worse yet, an entirely unenforceable contract.

Make sure temporary workers understand the limits of their authority. The law of agency may leave you on the hook for any agreements or obligations that they enter into on behalf of the business.

Remember that the Employment Standards Act mandates minimum notice periods (or pay in lieu thereof) for without cause terminations. These apply even in the event of a short-term employment situation and cannot be contracted out of. Make sure you’re aware of the notice periods appropriate to your staff in the event of a termination. Make sure you’re very aware of the common law notice periods and remember that these often can be contracted out of.

Supervise and manage your short-term employees properly. They may not have the same commitment to the workplace that you’re used to and that could be a huge problem. There are issues much more problematic than time theft to worry about.

Lastly, as always, if you have any questions about any of these issues, give us a call.

Almost a decade and a half after invasion of privacy was touted to be the tort of the 21st century, and after almost a century and a half of debate, Ontario got its first civil award for damages in a privacy breach this week.

Calling it “intrusion upon seclusion”, the Ontario Court of Appeals awarded the plaintiff $10,000 in Jones v. Tsige, for the defendant’s repeated, unauthorized snooping into the plaintiff’s banking records (the two were employees of the same bank).

The legal test was enumerated as follows:

“One who intentionally intrudes, physically or otherwise, upon the seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the invasion would be highly offensive to a reasonable person.”

Of particular interest in the case, is that the court explicitly noted that the right of individuals to this civil remedy lies in addition to statutory remedies available under PIPEDA and similar privacy legislation. While this ruling will have a considerable effect on privacy law in Ontario, the court does not feel that it will “open up the floodgates.” The court noted that the facts of the case limited the availability of the tort:

“The key features of this cause of action are, first, that the defendant’s conduct must be intentional, within which I would include reckless; second that the defendant must have invaded, without lawful justification, the plaintiff’s private affairs or concerns; and third, that a reasonable person would regard the invasion as highly offensive causing distress, humiliation or anguish.”

The court further limited the scope of what constitutes the kind of privacy breach that could give rise to an action:

“…it is only intrusions into matters such as one’s financial or health records, sexual practices and orientation, employment, diary or private correspondence that, viewed objectively on the reasonable person standard, can be described as highly offensive.”

But perhaps the most sobering aspect of the judgment is the award. Saying that it could only award moral damages, the court decided on $10,000 for the plaintiff’s humiliation and suffering. Some analysts have suggested that this could be seen as a modest fee by those who are intent on breaching privacy for nefarious reasons.

What is unclear is the effect this will have on our clients – business owners. It is certain that the obligation to protect the privacy of customers and employers is as strong as ever, but it is important to note that in the present case, the court noted that the defendant’s actions were that if a rogue employee who had violated the employer’s code of conduct, and thus no action was available (presumably under PIPEDA) to the plaintiff.

We will be watching further developments in this area with great interest – particularly to see if this case is appealed to the Supreme Court.